diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 274ea46b1d72b109787d3ff5a6c71f8f8dbc064c..1baa03ec969c696c3722095288c8fcad4d7a2cea 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -62,12 +62,12 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 910 -#define NUM_SN 903 -#define NUM_LN 903 -#define NUM_OBJ 853 +#define NUM_NID 911 +#define NUM_SN 904 +#define NUM_LN 904 +#define NUM_OBJ 854 -static const unsigned char lvalues[5949]={ +static const unsigned char lvalues[5953]={ 0x00, /* [ 0] OBJ_undef */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ @@ -921,6 +921,7 @@ static const unsigned char lvalues[5949]={ 0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x02,/* [5915] OBJ_id_camellia128_wrap */ 0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5926] OBJ_id_camellia192_wrap */ 0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5937] OBJ_id_camellia256_wrap */ +0x55,0x1D,0x25,0x00, /* [5948] OBJ_anyExtendedKeyUsage */ }; static const ASN1_OBJECT nid_objs[NUM_NID]={ @@ -2388,6 +2389,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ 11,&(lvalues[5926]),0}, {"id-camellia256-wrap","id-camellia256-wrap",NID_id_camellia256_wrap, 11,&(lvalues[5937]),0}, +{"anyExtendedKeyUsage","Any Extended Key Usage", + NID_anyExtendedKeyUsage,4,&(lvalues[5948]),0}, }; static const unsigned int sn_objs[NUM_SN]={ @@ -2581,6 +2584,7 @@ static const unsigned int sn_objs[NUM_SN]={ 363, /* "ad_timestamping" */ 376, /* "algorithm" */ 405, /* "ansi-X9-62" */ +910, /* "anyExtendedKeyUsage" */ 746, /* "anyPolicy" */ 370, /* "archiveCutoff" */ 484, /* "associatedDomain" */ @@ -3300,6 +3304,7 @@ static const unsigned int ln_objs[NUM_LN]={ 363, /* "AD Time Stamping" */ 405, /* "ANSI X9.62" */ 368, /* "Acceptable OCSP Responses" */ +910, /* "Any Extended Key Usage" */ 664, /* "Any language" */ 177, /* "Authority Information Access" */ 365, /* "Basic OCSP Response" */ @@ -4325,6 +4330,7 @@ static const unsigned int obj_objs[NUM_OBJ]={ 96, /* OBJ_mdc2WithRSA 2 5 8 3 100 */ 95, /* OBJ_mdc2 2 5 8 3 101 */ 746, /* OBJ_any_policy 2 5 29 32 0 */ +910, /* OBJ_anyExtendedKeyUsage 2 5 29 37 0 */ 519, /* OBJ_setct_PANData 2 23 42 0 0 */ 520, /* OBJ_setct_PANToken 2 23 42 0 1 */ 521, /* OBJ_setct_PANOnly 2 23 42 0 2 */ diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h index ffbe29ad9c82261bd44a7f5636cf49e4f3f61ddd..7776abe72d28d82b2ba13751ea4c473ad0758a83 100644 --- a/crypto/objects/obj_mac.h +++ b/crypto/objects/obj_mac.h @@ -2403,6 +2403,11 @@ #define NID_no_rev_avail 403 #define OBJ_no_rev_avail OBJ_id_ce,56L +#define SN_anyExtendedKeyUsage "anyExtendedKeyUsage" +#define LN_anyExtendedKeyUsage "Any Extended Key Usage" +#define NID_anyExtendedKeyUsage 910 +#define OBJ_anyExtendedKeyUsage OBJ_ext_key_usage,0L + #define SN_netscape "Netscape" #define LN_netscape "Netscape Communications Corp." #define NID_netscape 57 diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 5a9efea04d832ed2fae3ef610dd695b4f7e336be..bc8bc89a9c3dc7d542e25244a7fcc5eba1bcb249 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -907,3 +907,4 @@ aes_256_ctr 906 id_camellia128_wrap 907 id_camellia192_wrap 908 id_camellia256_wrap 909 +anyExtendedKeyUsage 910 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index d24b9ce7e1039caff4ee12e630c1ee7c3456ec8c..87c97c6105f23858702840cb6cf2a71eef591ff6 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -771,6 +771,10 @@ id-ce 55 : targetInformation : X509v3 AC Targeting !Cname no-rev-avail id-ce 56 : noRevAvail : X509v3 No Revocation Available +# From RFC5280 +ext-key-usage 0 : anyExtendedKeyUsage : Any Extended Key Usage + + !Cname netscape 2 16 840 1 113730 : Netscape : Netscape Communications Corp. !Cname netscape-cert-extension diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c index 181bd34979bc5ed1709fb62849e3c78155411214..7c4aa323aedd9846f9f914b6cb3ad2c28f964d7f 100644 --- a/crypto/x509v3/v3_purp.c +++ b/crypto/x509v3/v3_purp.c @@ -447,6 +447,10 @@ static void x509v3_cache_extensions(X509 *x) case NID_dvcs: x->ex_xkusage |= XKU_DVCS; break; + + case NID_anyExtendedKeyUsage: + x->ex_xkusage |= XKU_ANYEKU; + break; } } sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free); diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h index b308abe7cd471988b33cb04b3ecfd505b5ab86ef..34909475ae6e9677a203066e50d08e9b3fc5af23 100644 --- a/crypto/x509v3/x509v3.h +++ b/crypto/x509v3/x509v3.h @@ -451,6 +451,7 @@ struct ISSUING_DIST_POINT_st #define XKU_OCSP_SIGN 0x20 #define XKU_TIMESTAMP 0x40 #define XKU_DVCS 0x80 +#define XKU_ANYEKU 0x100 #define X509_PURPOSE_DYNAMIC 0x1 #define X509_PURPOSE_DYNAMIC_NAME 0x2